RAT Abuses Yahoo Mail for C&C Communications

Researchers at anti-malware solutions provider G Data Software have analyzed a remote administration tool (RAT) that's capable of using popular webmail and other types of services for command and control (C&C) communications.

The threat, dubbed Win32.Trojan.IcoScript.A by the company, has been around since 2012, but has managed to remain undetected until recently, G Data researcher Paul Rascagnères said in a paper (PDF) published on Virus Bulletin.

The IcoScript sample analyzed by the security firm used Yahoo Mail for C&C communications, but experts believe it could have relied on Gmail just as easily. Furthermore, since the RAT is modular, it would not be difficult for the malware writers to adapt their creation for social media platforms like LinkedIn and Facebook, Rascagnères explained.